IOC Report

Files

File Path
Type
Category
Malicious
WireAdviceCopy.html
HTML document, ASCII text, with very long lines, with CRLF line terminators
initial sample
malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\0488142e-4a07-40e9-a998-e3b36dad4c34.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\231962c1-c627-4054-82d6-48690fd01bab.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\286bbc82-3259-456d-8345-52676b09178b.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\46f64aa1-e40c-4b57-ae2a-6adbcc3de711.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\5bdb319a-619c-4bbb-8493-270e958ca202.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3131d55d-2f4b-4cf7-bdda-ce3192f3eeed.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3b2bd317-6340-410b-a335-875b46fcdce2.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6525cb7a-30ea-4392-9446-916a4aed5f73.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\994c91ed-57d6-4d0e-9f99-76a7add3bf53.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldNT (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old., (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old.2 (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldMP (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\978c20af-8d9f-4e33-8772-874c17adfbc2.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.oldMo (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\74ba5a0f-a169-4d6a-b45e-815a88d2cd17.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/ (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldpt (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b5135978-8ed4-480e-bbe5-daf16ada748a.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENTMP (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e1f7f4d7-21ce-4898-92a7-d07f3d903f1d.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fbdaf125-2af2-4f5e-8d6f-532b0789a720.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Staten (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State} (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir7004_1115914884\Ruleset Data
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\b26d82d7-6ca9-46a9-a3f4-6d2259193209.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\c1a27f26-b1c1-45ba-b213-ca6e3abca172.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\c347e0c7-d615-4175-86b5-09f88dd843a6.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Temp\7004_1259396426\LICENSE
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1259396426\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1259396426\crl-set
data
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1259396426\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1259396426\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1532019742\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1532019742\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1532019742\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1652923391\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1652923391\download_file_types.pb
data
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1652923391\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1652923391\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1758730505\Filtering Rules
data
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1758730505\LICENSE.txt
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1758730505\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1758730505\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_1758730505\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_pnacl_json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_322876242\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_438040541\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_438040541\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_438040541\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7004_438040541\ssl_error_assistant.pb
data
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\feedback.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_1807123388\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7004_721605838\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Program Files\Google\Chrome\Application\chrome.exe | 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\WireAdviceCopy.html' | clean |
| C:\Program Files\Google\Chrome\Application\chrome.exe | 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1580,16858165692460713401,16581068538360347648,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1940 /prefetch:8 | clean |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| file:///C:/Users/user/Desktop/WireAdviceCopy.html | | malicious |
| https://aadcdn.msftauth.net/ests/2.1/content/images/picker_more_7568a43cf440757c55d2e7f51557ae1f.svg | 152.199.23.37 | clean |
| https://apis.google.com/js/client.js | unknown | clean |
| https://www.google.com/images/cleardot.gif | unknown | clean |
| https://play.google.com | unknown | clean |
| https://crash.corp.google.com/samples?reportid=&q= | unknown | clean |
| https://www.google.com/log?format=json&hasfast=true | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_aad_9de70d1c5191d1852a0d5aac28b44 | unknown | clean |
| https://easylist.to/) | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg9 | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg | 152.199.23.37 | clean |
| https://sandbox.google.com/payments/v4/js/integrator.js | unknown | clean |
| http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01 | unknown | clean |
| https://accounts.google.com/MergeSession | unknown | clean |
| https://creativecommons.org/compatiblelicenses | unknown | clean |
| https://preprod-hangouts-googleapis.sandbox.google.com | unknown | clean |
| https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx | 172.217.168.1 | clean |
| https://www.google.com | unknown | clean |
| https://github.com/easylist) | unknown | clean |
| https://creativecommons.org/. | unknown | clean |
| https://hangouts.clients6.google.com | unknown | clean |
| https://meet.google.com | unknown | clean |
| https://hangouts.google.com/hangouts/_/logpref | unknown | clean |
| https://accounts.google.com | unknown | clean |
| https://clients2.google.com/cr/report | unknown | clean |
| https://code.jquery.com/jquery-1.11.1.min.js | unknown | clean |
| https://code.jquery.com/jquery-1.11.1.min.jsK | unknown | clean |
| http://angularjs.org | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd. | unknown | clean |
| https://creativecommons.org/publicdomain/zero/1.0/. | unknown | clean |
| https://github.com/angular/material | unknown | clean |
| https://apis.google.com | unknown | clean |
| https://www.google.com/accounts/OAuthLogin?issueuberauth=1 | unknown | clean |
| https://github.com/madler/zlib/blob/master/zlib.h | unknown | clean |
| https://aadcdn.msauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg | unknown | clean |
| https://www-googleapis-staging.sandbox.google.com | unknown | clean |
| https://clients2.google.com | unknown | clean |
| https://www.google.com/tools/feedback | unknown | clean |
| http://www.apache.org/licenses/LICENSE-2.0 | unknown | clean |
| https://dns.google | unknown | clean |
| https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p | unknown | clean |
| https://www.google.com/intl/en-US/chrome/blank.html | unknown | clean |
| https://ogs.google.com | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | 152.199.23.37 | clean |
| https://support.google.com/chromecast/troubleshooter/2995236 | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 152.199.23.37 | clean |
| http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions | unknown | clean |
| https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 | 142.250.185.238 | clean |
| https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard | 172.217.168.45 | clean |
| https://payments.google.com/payments/v4/js/integrator.js | unknown | clean |
| https://www.google.com; | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_aad_9de70d1c5191d1852a0d5aac28b44a6c.svg | 152.199.23.37 | clean |
| https://chromium.googlesource.com/a/native_client/pnacl-llvm.git | unknown | clean |
| https://hangouts.google.com/ | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_add_56e73414003cdb676008ff7857343074.svg | 152.199.23.37 | clean |
| https://www.google.com/images/x2.gif | unknown | clean |
| http://llvm.org/): | unknown | clean |
| https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_add_56e73414003cdb676008ff7857343 | unknown | clean |
| https://www.google.com/images/dot2.gif | unknown | clean |
| https://meetings.clients6.google.com | unknown | clean |
| https://play.google.com/log?format=json&hasfast=true | unknown | clean |
| https://code.google.com/p/nativeclient/issues/entry%s: | unknown | clean |
| http://tools.ietf.org/html/rfc1950 | unknown | clean |
| https://code.google.com/p/nativeclient/issues/entry | unknown | clean |
| https://support.google.com/chromecast/answer/2998456 | unknown | clean |
| https://clients2.googleusercontent.com | unknown | clean |
| https://docs.google.com | unknown | clean |
| https://www.google.com/ | unknown | clean |
| https://feedback.googleusercontent.com | unknown | clean |
| https://chromium.googlesource.com/a/native_client/pnacl-clang.git | unknown | clean |
| https://clients2.google.com/service/update2/crx | unknown | clean |
| https://clients6.google.com | unknown | clean |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| cs1100.wpc.omegacdn.net | 152.199.23.37 | clean |
| accounts.google.com | 172.217.168.45 | clean |
| clients.l.google.com | 142.250.185.238 | clean |
| googlehosted.l.googleusercontent.com | 172.217.168.1 | clean |
| clients2.googleusercontent.com | unknown | clean |
| clients2.google.com | unknown | clean |
| code.jquery.com | unknown | clean |
| aadcdn.msftauth.net | unknown | clean |
| aadcdn.msauth.net | unknown | clean |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 192.168.2.1 | unknown | unknown | clean |
| 172.217.168.1 | googlehosted.l.googleusercontent.com | United States | clean |
| 142.250.185.238 | clients.l.google.com | United States | clean |
| 172.217.168.45 | accounts.google.com | United States | clean |
| 239.255.255.250 | unknown | Reserved | clean |
| 152.199.23.37 | cs1100.wpc.omegacdn.net | United States | clean |
| 127.0.0.1 | unknown | unknown | clean |

Registry

| Path | Value | Malicious |
| --- | --- | --- |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002 | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gfdkimpbcpahaombhbimeihdjnejgicl | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mfehgcgbbipciphmccgaenjidiccnmng | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gfdkimpbcpahaombhbimeihdjnejgicl | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | pkedcjkdefgpdelpbcmbmeomcjbeemfm | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | pkedcjkdefgpdelpbcmbmeomcjbeemfm | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | clean |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.reporting | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | module_blacklist_cache_md5_digest | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.storage_id_salt | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_account_id | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.account_id | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_seed | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_homepage | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | default_search_provider_data.template_url_data | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | safebrowsing.incidents_sent | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | pinned_tabs | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | search_provider_overrides | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_default_search | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_username | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.startup_urls | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.restore_on_startup | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_version | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_startup_urls | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.prompt_wave | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage_is_newtabpage | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | browser.show_home_button | clean |
| HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly | clean |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | clean |

Memdumps

Base Address
Regiontype
Protect
Malicious
22479BA6000
unkown
page read and write
clean
1EE8B5D0000
heap default
page read and write
clean
22479B9E000
unkown
page read and write
clean
7FF56A4D1000
unkown image
page readonly
clean
21F270A0000
unkown image
page readonly
clean
1DE1408A000
unkown
page read and write
clean
1DE13EA0000
heap default
page read and write
clean
7DF508370000
unkown image
page readonly
clean
7DF51E720000
unkown image
page readonly
clean
7FF50DC5A000
unkown image
page readonly
clean
1E90DE00000
unkown
page read and write
clean
1EE8B460000
unkown image
page readonly
clean
19D0B440000
unkown image
page readonly
clean
7FF56A553000
unkown image
page readonly
clean
2247924D000
unkown
page read and write
clean
22479308000
unkown
page read and write
clean
1FC7F47C000
unkown
page read and write
clean
7FF51089B000
unkown image
page readonly
clean
7FF5109A7000
unkown image
page readonly
clean
A12BB0C000
unkown
page read and write
clean
239B077000
stack
page read and write
clean
7DF51E722000
unkown image
page readonly
clean
1E90DE24000
unkown
page read and write
clean
21F27A02000
unkown
page read and write
clean
22479BA5000
unkown
page read and write
clean
1E90DE7A000
unkown
page read and write
clean
22479B91000
unkown
page read and write
clean
7FF5109D3000
unkown image
page readonly
clean
22479890000
unkown image
page write copy
clean
1EE8B440000
unkown image
page readonly
clean
7FF4FA2B1000
unkown image
page readonly
clean
1DE1403C000
unkown
page read and write
clean
7FF5BEF79000
unkown image
page readonly
clean
22479B80000
unkown
page read and write
clean
1E90DE5F000
unkown
page read and write
clean
7FF5109B9000
unkown image
page readonly
clean
1E90DE2D000
unkown
page read and write
clean
1EE8BCD0000
unkown image
page readonly
clean
22479600000
unkown image
page readonly
clean
7FF4FA5E7000
unkown image
page readonly
clean
7FF510A82000
unkown image
page readonly
clean
1FC7F508000
unkown
page read and write
clean
31608FF000
stack
page read and write
clean
224791E0000
unkown
page read and write
clean
1DE13E50000
unkown image
page readonly
clean
22479BB8000
unkown
page read and write
clean
7FF4FA627000
unkown image
page readonly
clean
22479B7F000
unkown
page read and write
clean
76523F9000
stack
page read and write
clean
3C94FF9000
stack
page read and write
clean
BE363FF000
stack
page read and write
clean
21F270D0000
unkown image
page readonly
clean
1DE14013000
unkown
page read and write
clean
7FF55CB75000
unkown image
page readonly
clean
2247923C000
unkown
page read and write
clean
284AC660000
unkown
page read and write
clean
1DE14108000
unkown
page read and write
clean
22479BC2000
unkown
page read and write
clean
7FF5BEEEB000
unkown image
page readonly
clean
7FF523799000
unkown image
page readonly
clean
1FC7F47E000
unkown
page read and write
clean
7DF51E730000
unkown image
page readonly
clean
7FF54A20E000
unkown image
page readonly
clean
7DF56A990000
unkown image
page readonly
clean
1DE14029000
unkown
page read and write
clean
7FF50DB93000
unkown image
page readonly
clean
7FF5236E3000
unkown image
page readonly
clean
7DF531430000
unkown image
page readonly
clean
7FF54A1BD000
unkown image
page readonly
clean
284AC000000
unkown
page read and write
clean
7FF5347D5000
unkown image
page readonly
clean
7DF51B8E2000
unkown image
page readonly
clean
7FF53473E000
unkown image
page readonly
clean
22479B57000
unkown
page read and write
clean
31605AB000
unkown
page read and write
clean
2247A03C000
unkown
page read and write
clean
7FF54A2A5000
unkown image
page readonly
clean
1EE8B440000
unkown image
page readonly
clean
2107B300000
unkown
page read and write
clean
22479254000
unkown
page read and write
clean
284ABEA0000
unkown image
page readonly
clean
7FF50D8F5000
unkown image
page readonly
clean
B44927E000
stack
page read and write
clean
22479B9F000
unkown
page read and write
clean
21F270F0000
heap default
page read and write
clean
1DE14052000
unkown
page read and write
clean
7DF531422000
unkown image
page readonly
clean
1FC7F488000
unkown
page read and write
clean
1EE8C130000
unkown
page read and write
clean
284AC802000
unkown
page read and write
clean
7FF510591000
unkown image
page readonly
clean
1E90DE82000
unkown
page read and write
clean
7FF55CC6B000
unkown image
page readonly
clean
7FF55CD0A000
unkown image
page readonly
clean
7FF55C69C000
unkown image
page readonly
clean
7DF508360000
unkown image
page readonly
clean
22479B88000
unkown
page read and write
clean
22479B82000
unkown
page read and write
clean
1EE8B5E0000
heap default
page read and write
clean
1FC7F44E000
unkown
page read and write
clean
1E90E470000
unkown
page read and write
clean
7FF4FA603000
unkown image
page readonly
clean
1DE14580000
unkown image
page readonly
clean
7FF50F6D1000
unkown image
page readonly
clean
7FF510A0E000
unkown image
page readonly
clean
2247924C000
unkown
page read and write
clean
284AC029000
unkown
page read and write
clean
1E90DE6B000
unkown
page read and write
clean
22479B82000
unkown
page read and write
clean
1DE14200000
unkown image
page readonly
clean
7FF510A2D000
unkown image
page readonly
clean
2247928A000
unkown
page read and write
clean
7FF56A2E4000
unkown image
page readonly
clean
7FF4FA575000
unkown image
page readonly
clean
1FC7F360000
unkown image
page readonly
clean
7FF4FA571000
unkown image
page readonly
clean
97A40FF000
stack
page read and write
clean
2107B24C000
unkown
page read and write
clean
7FF50DBBB000
unkown image
page readonly
clean
7FF55C8F7000
unkown image
page readonly
clean
22479BB9000
unkown
page read and write
clean
2107B200000
unkown
page read and write
clean
B4494FF000
stack
page read and write
clean
1EE8B470000
unkown image
page readonly
clean
7FF56A4F7000
unkown image
page readonly
clean
B449478000
stack
page read and write
clean
97A38FA000
stack
page read and write
clean
22479780000
unkown image
page readonly
clean
7FF55CC33000
unkown image
page readonly
clean
97A3AFC000
stack
page read and write
clean
22479B94000
unkown
page read and write
clean
7FF5235D7000
unkown image
page readonly
clean
22479B91000
unkown
page read and write
clean
7FF533EB5000
unkown image
page readonly
clean
7FF50DC61000
unkown image
page readonly
clean
B370FFD000
stack
page read and write
clean
7FF5233B8000
unkown image
page readonly
clean
7FF55C687000
unkown image
page readonly
clean
2107B0A0000
unkown image
page readonly
clean
B4496FF000
stack
page read and write
clean
7FF5BEE21000
unkown image
page readonly
clean
7FF5344A0000
unkown image
page readonly
clean
7FF5BEDF5000
unkown image
page readonly
clean
B3713FF000
stack
page read and write
clean
1EE8B700000
unkown
page read and write
clean
7DF557F20000
unkown image
page readonly
clean
1DE14000000
unkown
page read and write
clean
284ABE70000
heap private
page read and write
clean
22479BB3000
unkown
page read and write
clean
22479316000
unkown
page read and write
clean
7FF549AA8000
unkown image
page readonly
clean
7DF56A990000
unkown image
page readonly
clean
7FF510A03000
unkown image
page readonly
clean
7DF56A982000
unkown image
page readonly
clean
1E90DCE0000
unkown image
page readonly
clean
7FF54A1BF000
unkown image
page readonly
clean
7DF542440000
unkown image
page readonly
clean
22479B57000
unkown
page read and write
clean
21F2723D000
unkown
page read and write
clean
7FF54A1C3000
unkown image
page readonly
clean
284AC200000
unkown image
page readonly
clean
1EE8B580000
unkown
page read and write
clean
7FF56A55E000
unkown image
page readonly
clean
7FF510A27000
unkown image
page readonly
clean
19D0B640000
unkown image
page readonly
clean
1EE8B430000
unkown
page read and write
clean
7FF55CAED000
unkown image
page readonly
clean
7FF5BEC25000
unkown image
page readonly
clean
7DF531440000
unkown image
page readonly
clean
1DE13E50000
unkown image
page readonly
clean
3160DFF000
stack
page read and write
clean
7DF468850000
unkown image
page readonly
clean
A12BFFE000
stack
page read and write
clean
7DF5CCC02000
unkown image
page readonly
clean
21F27080000
unkown image
page read and write
clean
1EE8B720000
heap private
page read and write
clean
1DE14071000
unkown
page read and write
clean
7FF55C9F2000
unkown image
page readonly
clean
7FF55CC40000
unkown image
page readonly
clean
B4497FF000
stack
page read and write
clean
1EE8B646000
unkown
page read and write
clean
7FF5236D3000
unkown image
page readonly
clean
7DF51B8E0000
unkown image
page readonly
clean
22479271000
unkown
page read and write
clean
7DF542452000
unkown image
page readonly
clean
19D0B295000
unkown
page read and write
clean
19D0B250000
unkown image
page readonly
clean
22479BB7000
unkown
page read and write
clean
A12C2FE000
stack
page read and write
clean
22479BA2000
unkown
page read and write
clean
2107B313000
unkown
page read and write
clean
7FF54A2AA000
unkown image
page readonly
clean
2247A03C000
unkown
page read and write
clean
22479B96000
unkown
page read and write
clean
22479B91000
unkown
page read and write
clean
7FF50D353000
unkown image
page readonly
clean
22479B7C000
unkown
page read and write
clean
22479070000
unkown image
page read and write
clean
22479B7F000
unkown
page read and write
clean
BE362FF000
stack
page read and write
clean
BE35FFC000
stack
page read and write
clean
7FF55CC73000
unkown image
page readonly
clean
7FF5237C1000
unkown image
page readonly
clean
7FF55CA7F000
unkown image
page readonly
clean
7DF542442000
unkown image
page readonly
clean
B448BAD000
stack
page read and write
clean
7FF5BED6D000
unkown image
page readonly
clean
22479B4A000
unkown
page read and write
clean
7FF4FA6F1000
unkown image
page readonly
clean
7FF5109C3000
unkown image
page readonly
clean
1EE8C3A0000
unkown
page read and write
clean
7FF4FA4BD000
unkown image
page readonly
clean
284AC102000
unkown
page read and write
clean
7FF56A57A000
unkown image
page readonly
clean
19D0B286000
heap default
page read and write
clean
284AC013000
unkown
page read and write
clean
1E90DE60000
unkown
page read and write
clean
7FF5346ED000
unkown image
page readonly
clean
7FF50DBC3000
unkown image
page readonly
clean
7DF508360000
unkown image
page readonly
clean
7FF51091C000
unkown image
page readonly
clean
284ABFB0000
unkown image
page readonly
clean
7DF51E720000
unkown image
page readonly
clean
19D0B230000
unkown image
page readonly
clean
1E90DCC0000
unkown image
page readonly
clean
7FF53475A000
unkown image
page readonly
clean
1EE8B5A0000
unkown image
page readonly
clean
2107B080000
unkown image
page read and write
clean
7FF5BED8B000
unkown image
page readonly
clean
22479B5E000
unkown
page read and write
clean
7FF5109D0000
unkown image
page readonly
clean
2247A000000
unkown
page read and write
clean
7FF50DB83000
unkown image
page readonly
clean
7FF55CCF9000
unkown image
page readonly
clean
BE360FB000
stack
page read and write
clean
2107B270000
unkown
page read and write
clean
7FF534733000
unkown image
page readonly
clean
7DF508352000
unkown image
page readonly
clean
1FC7F3C0000
unkown
page read and write
clean
1DE14113000
unkown
page read and write
clean
1DE1404C000
unkown
page read and write
clean
7FF54A203000
unkown image
page readonly
clean
1E90DE5E000
unkown
page read and write
clean
7FF5BEE97000
unkown image
page readonly
clean
1EE8B6F0000
unkown
page read and write
clean
284AC660000
unkown
page read and write
clean
224791C0000
unkown image
page readonly
clean
239B27E000
stack
page read and write
clean
22479090000
unkown image
page readonly
clean
7FF5BEF9A000
unkown image
page readonly
clean
7FF55CAD1000
unkown image
page readonly
clean
22479B7B000
unkown
page read and write
clean
22479BD8000
unkown
page read and write
clean
7FF55CB2F000
unkown image
page readonly
clean
7FF55CB37000
unkown image
page readonly
clean
3160CFC000
stack
page read and write
clean
7FF5346E9000
unkown image
page readonly
clean
22479B78000
unkown
page read and write
clean
1DE1404F000
unkown
page read and write
clean
21F27780000
unkown image
page readonly
clean
7FF5236E0000
unkown image
page readonly
clean
7DF557F22000
unkown image
page readonly
clean
A12C1FE000
stack
page read and write
clean
284ABE80000
unkown image
page readonly
clean
1FC7F3A0000
unkown image
page readonly
clean
1E90DCB0000
heap private
page read and write
clean
7FF55CC9D000
unkown image
page readonly
clean
22479860000
unkown image
page readonly
clean
7FF55CC47000
unkown image
page readonly
clean
7FF54A1DE000
unkown image
page readonly
clean
7FF50DBE7000
unkown image
page readonly
clean
7DF557F10000
unkown image
page readonly
clean
1EE8B645000
heap default
page read and write
clean
1EE8B940000
unkown image
page readonly
clean
22479BA5000
unkown
page read and write
clean
1EE8B560000
unkown
page read and write
clean
7FF50DC42000
unkown image
page readonly
clean
7FF50F6D1000
unkown image
page readonly
clean
22479B7E000
unkown
page read and write
clean
2107B0F0000
heap default
page read and write
clean
1E90DE32000
unkown
page read and write
clean
A12BB8E000
stack
page read and write
clean
22479B81000
unkown
page read and write
clean
7FF5BEFA1000
unkown image
page readonly
clean
7DF51B8E2000
unkown image
page readonly
clean
1EE8B61C000
unkown
page read and write
clean
224792B3000
unkown
page read and write
clean
7FF55CBE2000
unkown image
page readonly
clean
19D0B27B000
heap default
page read and write
clean
7FF55CBD1000
unkown image
page readonly
clean
7FF55CBCF000
unkown image
page readonly
clean
7FF5237A4000
unkown image
page readonly
clean
7DF5CCC20000
unkown image
page readonly
clean
B370E7B000
unkown
page read and write
clean
21F271D0000
unkown image
page readonly
clean
2247924F000
unkown
page read and write
clean
7DF455DE0000
unkown image
page readonly
clean
224792A9000
unkown
page read and write
clean
22479B8D000
unkown
page read and write
clean
7DF51E712000
unkown image
page readonly
clean
7DF440310000
unkown image
page readonly
clean
B448EFB000
stack
page read and write
clean
19D0B1E0000
unkown
page read and write
clean
22479B80000
unkown
page read and write
clean
7FF55C4D5000
unkown image
page readonly
clean
22479BA2000
unkown
page read and write
clean
22479302000
unkown
page read and write
clean
7FF54A29A000
unkown image
page readonly
clean
284AC660000
unkown
page read and write
clean
22479BA0000
unkown
page read and write
clean
22479BA1000
unkown
page read and write
clean
1DE1407C000
unkown
page read and write
clean
7FF50DC6A000
unkown image
page readonly
clean
22479910000
unkown image
page read and write
clean
2107BA02000
unkown
page read and write
clean
22479080000
heap private
page read and write
clean
22479B8F000
unkown
page read and write
clean
7FF4FA55C000
unkown image
page readonly
clean
2107B400000
unkown image
page readonly
clean
2247A002000
unkown
page read and write
clean
1E90DE29000
unkown
page read and write
clean
2107B0A0000
unkown image
page readonly
clean
7FF55CD1A000
unkown image
page readonly
clean
7DF557F20000
unkown image
page readonly
clean
B4495FE000
stack
page read and write
clean
7FF50DBCE000
unkown image
page readonly
clean
22479B89000
unkown
page read and write
clean
7FF56A54B000
unkown image
page readonly
clean
7FF5109FB000
unkown image
page readonly
clean
7FF5109E7000
unkown image
page readonly
clean
7FF523049000
unkown image
page readonly
clean
7FF56A600000
unkown image
page readonly
clean
7FF55C801000
unkown image
page readonly
clean
3C94F7F000
stack
page read and write
clean
7DF578262000
unkown image
page readonly
clean
7FF56A523000
unkown image
page readonly
clean
21F27313000
unkown
page read and write
clean
7DF41C5E0000
unkown image
page readonly
clean
7FF5BEE25000
unkown image
page readonly
clean
765247F000
stack
page read and write
clean
7FF5237B5000
unkown image
page readonly
clean
7DF531420000
unkown image
page readonly
clean
7FF510935000
unkown image
page readonly
clean
7FF55CC7E000
unkown image
page readonly
clean
7FF55CC97000
unkown image
page readonly
clean
1E90DE46000
unkown
page read and write
clean
21F27202000
unkown
page read and write
clean
7DF557F10000
unkown image
page readonly
clean
22479B76000
unkown
page read and write
clean
22479B4A000
unkown
page read and write
clean
1E90DE58000
unkown
page read and write
clean
7DF5CCC00000
unkown image
page readonly
clean
7DF508362000
unkown image
page readonly
clean
22479B94000
unkown
page read and write
clean
7FF5109BD000
unkown image
page readonly
clean
7FF55CC29000
unkown image
page readonly
clean
1EE8BCC0000
unkown image
page readonly
clean
7FF5BEDFB000
unkown image
page readonly
clean
22479B8D000
unkown
page read and write
clean
97A349B000
unkown
page read and write
clean
7FF56A57D000
unkown image
page readonly
clean
7FF55C8F4000
unkown image
page readonly
clean
7FF4FA6DA000
unkown image
page readonly
clean
B37137D000
stack
page read and write
clean
1EE8B61C000
unkown
page read and write
clean
7FF56A4EE000
unkown image
page readonly
clean
7FF52371E000
unkown image
page readonly
clean
7FF5109DE000
unkown image
page readonly
clean
22479B8D000
unkown
page read and write
clean
7FF4FA617000
unkown image
page readonly
clean
19D0B296000
unkown
page read and write
clean
7FF510A2A000
unkown image
page readonly
clean
7FF56A520000
unkown image
page readonly
clean
7FF56A5EA000
unkown image
page readonly
clean
3C94E7B000
unkown
page read and write
clean
7FF5236CD000
unkown image
page readonly
clean
97A39FF000
stack
page read and write
clean
7FF5346D7000
unkown image
page readonly
clean
7FF5234B8000
unkown image
page readonly
clean
7DF578272000
unkown image
page readonly
clean
21F27275000
unkown
page read and write
clean
BE35BFB000
unkown
page read and write
clean
7FF510671000
unkown image
page readonly
clean
7FF56A5F1000
unkown image
page readonly
clean
7FF55C68B000
unkown image
page readonly
clean
7FF56A50A000
unkown image
page readonly
clean
7FF50D830000
unkown image
page readonly
clean
765227F000
stack
page read and write
clean
1DE14802000
unkown
page read and write
clean
1EE8B730000
unkown
page read and write
clean
2247A09D000
unkown
page read and write
clean
7DF557F22000
unkown image
page readonly
clean
7FF5BEDAF000
unkown image
page readonly
clean
7FF534703000
unkown image
page readonly
clean
7FF5109BF000
unkown image
page readonly
clean
22479B70000
unkown
page read and write
clean
7FF52373A000
unkown image
page readonly
clean
7FF56A39F000
unkown image
page readonly
clean
22479B14000
unkown
page read and write
clean
7DF542450000
unkown image
page readonly
clean
7DF56A980000
unkown image
page readonly
clean
22479B8D000
unkown
page read and write
clean
2247A002000
unkown
page read and write
clean
7FF534757000
unkown image
page readonly
clean
22479BC6000
unkown
page read and write
clean
1FC7F390000
heap default
page read and write
clean
1DE14100000
unkown
page read and write
clean
1E90DE49000
unkown
page read and write
clean
7DF4197A0000
unkown image
page readonly
clean
1EE8B420000
unkown image
page read and write
clean
7FF55C887000
unkown image
page readonly
clean
21F271F0000
unkown
page read and write
clean
7FF56A4E3000
unkown image
page readonly
clean
7FF5346F3000
unkown image
page readonly
clean
19D0B180000
unkown image
page read and write
clean
7FF55CAD9000
unkown image
page readonly
clean
22479B16000
unkown
page read and write
clean
7DF51B8D0000
unkown image
page readonly
clean
7FF54A2B1000
unkown image
page readonly
clean
97A3DFD000
stack
page read and write
clean
7FF54A289000
unkown image
page readonly
clean
1DE14102000
unkown
page read and write
clean
22479B96000
unkown
page read and write
clean
7FF54A1FB000
unkown image
page readonly
clean
3C94EFE000
stack
page read and write
clean
7DF5CCC02000
unkown image
page readonly
clean
1EE8B61B000
heap default
page read and write
clean
224792AD000
unkown
page read and write
clean
7FF55CAD5000
unkown image
page readonly
clean
7FF56A50F000
unkown image
page readonly
clean
1EE8C370000
unkown
page read and write
clean
7FF5346EF000
unkown image
page readonly
clean
7FF5BEEAD000
unkown image
page readonly
clean
7DF51E710000
unkown image
page readonly
clean
7FF534707000
unkown image
page readonly
clean
284AC400000
unkown image
page readonly
clean
7DF508350000
unkown image
page readonly
clean
19D0B7C0000
unkown image
page readonly
clean
7FF51090B000
unkown image
page readonly
clean
22479B81000
unkown
page read and write
clean
22479BA5000
unkown
page read and write
clean
22479257000
unkown
page read and write
clean
21F27213000
unkown
page read and write
clean
7FF4FA1D1000
unkown image
page readonly
clean
22479229000
unkown
page read and write
clean
22479B7D000
unkown
page read and write
clean
1E90DE5A000
unkown
page read and write
clean
7FF53472B000
unkown image
page readonly
clean
2247A002000
unkown
page read and write
clean
3C951FF000
stack
page read and write
clean
22479B82000
unkown
page read and write
clean
224792DF000
unkown
page read and write
clean
7DF542452000
unkown image
page readonly
clean
7FF510AB1000
unkown image
page readonly
clean
7FF54A22A000
unkown image
page readonly
clean
2247A002000
unkown
page read and write
clean
22479BB7000
unkown
page read and write
clean
7FF5BEEAF000
unkown image
page readonly
clean
7FF52355A000
unkown image
page readonly
clean
284ABEB0000
unkown image
page readonly
clean
224792D4000
unkown
page read and write
clean
7FF534497000
unkown image
page readonly
clean
7FF54A2A1000
unkown image
page readonly
clean
7FF4FA66D000
unkown image
page readonly
clean
7FF4FA5FD000
unkown image
page readonly
clean
7FF5BED70000
unkown image
page readonly
clean
7FF523363000
unkown image
page readonly
clean
1FC7F46C000
unkown
page read and write
clean
7FF50DB67000
unkown image
page readonly
clean
1FC7F340000
unkown image
page readonly
clean
7DF578280000
unkown image
page readonly
clean
7FF4FA6EA000
unkown image
page readonly
clean
1FC7F340000
unkown image
page readonly
clean
7FF5237B1000
unkown image
page readonly
clean
22479BA6000
unkown
page read and write
clean
1E90DE79000
unkown
page read and write
clean
2247A002000
unkown
page read and write
clean
7DF51B8F0000
unkown image
page readonly
clean
7FF50DB97000
unkown image
page readonly
clean
2107B090000
heap private
page read and write
clean
97A3CFD000
stack
page read and write
clean
7FF510A9A000
unkown image
page readonly
clean
22479251000
unkown
page read and write
clean
19D0B270000
heap default
page read and write
clean
7DF531432000
unkown image
page readonly
clean
1FC7FA50000
unkown image
page readonly
clean
2247A06A000
unkown
page read and write
clean
7FF54A22D000
unkown image
page readonly
clean
22479B82000
unkown
page read and write
clean
1FC7F513000
unkown
page read and write
clean
7FF510AAA000
unkown image
page readonly
clean
22479B7E000
unkown
page read and write
clean
7FF534738000
unkown image
page readonly
clean
1DE13FA0000
unkown
page read and write
clean
7FF55C919000
unkown image
page readonly
clean
22479B5E000
unkown
page read and write
clean
1FC7F42A000
unkown
page read and write
clean
7FF5236C6000
unkown image
page readonly
clean
22479BDE000
unkown
page read and write
clean
1FC7F400000
unkown
page read and write
clean
97A42FE000
stack
page read and write
clean
22479B80000
unkown
page read and write
clean
7DF557F30000
unkown image
page readonly
clean
22479B90000
unkown
page read and write
clean
7FF53470E000
unkown image
page readonly
clean
7FF4F9EAB000
unkown image
page readonly
clean
1FC7F402000
unkown
page read and write
clean
7FF4FA5F9000
unkown image
page readonly
clean
3160EFF000
stack
page read and write
clean
239AF7B000
stack
page read and write
clean
284AC590000
unkown image
page readonly
clean
7FF523712000
unkown image
page readonly
clean
1EE8B645000
unkown
page read and write
clean
284AC580000
unkown image
page readonly
clean
22479BBF000
unkown
page read and write
clean
7FF4FA4C0000
unkown image
page readonly
clean
7DF51E712000
unkown image
page readonly
clean
7DF542450000
unkown image
page readonly
clean
B449377000
stack
page read and write
clean
B448B2E000
stack
page read and write
clean
7FF5347DA000
unkown image
page readonly
clean
224790B0000
unkown image
page readonly
clean
7FF5347CA000
unkown image
page readonly
clean
7FF4FA6C2000
unkown image
page readonly
clean
22479B76000
unkown
page read and write
clean
7FF55CC9A000
unkown image
page readonly
clean
1FC7F413000
unkown
page read and write
clean
22479B7B000
unkown
page read and write
clean
7FF5BEEA9000
unkown image
page readonly
clean
1FC7FC02000
unkown
page read and write
clean
7FF50DC71000
unkown image
page readonly
clean
7FF5235D2000
unkown image
page readonly
clean
2247A09D000
unkown
page read and write
clean
7FF5236CF000
unkown image
page readonly
clean
7FF522F29000
unkown image
page readonly
clean
7FF5346AE000
unkown image
page readonly
clean
22479BA5000
unkown
page read and write
clean
2107B23C000
unkown
page read and write
clean
1EE8C390000
unkown
page read and write
clean
7DF557F30000
unkown image
page readonly
clean
22479900000
unkown
page read and write
clean
7FF510836000
unkown image
page readonly
clean
22479B8F000
unkown
page read and write
clean
22479B83000
unkown
page read and write
clean
7DF578272000
unkown image
page readonly
clean
7FF5236D6000
unkown image
page readonly
clean
7DF557F12000
unkown image
page readonly
clean
22479BA4000
unkown
page read and write
clean
7FF54A1D7000
unkown image
page readonly
clean
7FF510A94000
unkown image
page readonly
clean
7FF4FA6C9000
unkown image
page readonly
clean
284AC05C000
unkown
page read and write
clean
7FF56A47C000
unkown image
page readonly
clean
7FF55CC57000
unkown image
page readonly
clean
22479B83000
unkown
page read and write
clean
7FF56A2F6000
unkown image
page readonly
clean
7FF523365000
unkown image
page readonly
clean
7FF4FA6D4000
unkown image
page readonly
clean
22479A02000
unkown
page read and write
clean
224792C0000
unkown
page read and write
clean
7FF55CD20000
unkown image
page readonly
clean
7FF55CCF2000
unkown image
page readonly
clean
1EE8B710000
unkown
page read and write
clean
22479B8F000
unkown
page read and write
clean
7FF55CC4E000
unkown image
page readonly
clean
22479213000
unkown
page read and write
clean
7FF5BED26000
unkown image
page readonly
clean
19D0B29F000
unkown
page read and write
clean
7FF56A527000
unkown image
page readonly
clean
7DF51B8E0000
unkown image
page readonly
clean
1E90DE13000
unkown
page read and write
clean
1E90DE57000
unkown
page read and write
clean
7FF55CAF0000
unkown image
page readonly
clean
239A9FC000
unkown
page read and write
clean
2107B780000
unkown image
page readonly
clean
1E90DE42000
unkown
page read and write
clean
1E90DE40000
unkown
page read and write
clean
22479BA5000
unkown
page read and write
clean
1EE8B614000
unkown
page read and write
clean
B37127E000
stack
page read and write
clean
7FF50DB9E000
unkown image
page readonly
clean
7FF50DBED000
unkown image
page readonly
clean
21F27200000
unkown
page read and write
clean
7DF578280000
unkown image
page readonly
clean
22479B91000
unkown
page read and write
clean
1E90DE3B000
unkown
page read and write
clean
7FF4FA54B000
unkown image
page readonly
clean
1E90E200000
unkown image
page readonly
clean
7FF510905000
unkown image
page readonly
clean
2247A002000
unkown
page read and write
clean
22479B80000
unkown
page read and write
clean
22479BB7000
unkown
page read and write
clean
22479B82000
unkown
page read and write
clean
7FF55CD21000
unkown image
page readonly
clean
7FF55CC0E000
unkown image
page readonly
clean
21F27229000
unkown
page read and write
clean
22479900000
unkown
page read and write
clean
7DF508370000
unkown image
page readonly
clean
7FF55C889000
unkown image
page readonly
clean
22479B7A000
unkown
page read and write
clean
7FF5BEE0C000
unkown image
page readonly
clean
22479B00000
unkown
page read and write
clean
22479B5E000
unkown
page read and write
clean
7FF510265000
unkown image
page readonly
clean
239ACFE000
stack
page read and write
clean
22479900000
unkown
page read and write
clean
7FF56A386000
unkown image
page readonly
clean
224792C7000
unkown
page read and write
clean
22479B88000
unkown
page read and write
clean
1EE8B725000
heap private
page read and write
clean
7FF4FA476000
unkown image
page readonly
clean
76522FF000
stack
page read and write
clean
7FF55CB8C000
unkown image
page readonly
clean
7FF5BEEC3000
unkown image
page readonly
clean
2247924B000
unkown
page read and write
clean
1E90DE62000
unkown
page read and write
clean
7FF50D82D000
unkown image
page readonly
clean
7DF557F12000
unkown image
page readonly
clean
7FF5BEF72000
unkown image
page readonly
clean
7FF510931000
unkown image
page readonly
clean
7DF406220000
unkown image
page readonly
clean
A12C0FE000
stack
page read and write
clean
284ABED0000
heap default
page read and write
clean
284ABFD0000
unkown
page read and write
clean
B3710FF000
stack
page read and write
clean
7FF5BEF1D000
unkown image
page readonly
clean
7FF55C4DB000
unkown image
page readonly
clean
1E90DF02000
unkown
page read and write
clean
7FF55CD04000
unkown image
page readonly
clean
7FF55CBA5000
unkown image
page readonly
clean
22479B60000
unkown
page read and write
clean
2107B264000
unkown
page read and write
clean
1E90DE7D000
unkown
page read and write
clean
7FF55CC2F000
unkown image
page readonly
clean

DOM / HTML

URL
Malicious
file:///C:/Users/user/Desktop/WireAdviceCopy.html
malicious